package j.framework.tags.security;

import j.framework.core.FApplication;
import j.framework.core.LoginUser;
import j.framework.core.MembershipProvider;
import j.util.StringUtils;
import j.util.web.WebUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;

/**
 * 仅当当前用户具备指定模块权限的指定操作权限时，才显示标签体内容
 * User: jason
 * Date: 2015/3/10 10:15
 */
public class HasActionTag extends TagSupport {
    private String functionCode;
    private String actionCode;

    @Override
    public int doStartTag() throws JspException {
        if(StringUtils.isNullOrEmpty(functionCode) ||
                StringUtils.isNullOrEmpty(actionCode)){
            return EVAL_PAGE;
        }
        HttpServletRequest request = (HttpServletRequest)this.pageContext.getRequest();
        LoginUser user = (LoginUser) WebUtils.getSessionAttribute(request, LoginUser.SESSION_KEY);
        MembershipProvider provider = FApplication.getMembershipProvider();
        if(provider.hasAction(user, functionCode, actionCode)){
            //有权限
            return EVAL_BODY_INCLUDE;
        }
        //无权限，不显示标签体
        return SKIP_BODY;
    }

    @Override
    public int doAfterBody() throws JspException {
        //显示标签体的内容
        return super.doAfterBody();
    }

    @Override
    public int doEndTag() throws JspException {
        return EVAL_PAGE;
    }

    public void setFunctionCode(String functionCode) {
        this.functionCode = functionCode;
    }

    public void setActionCode(String actionCode) {
        this.actionCode = actionCode;
    }
}
